SQL inj and XSS
Can someone please help me with finding a good read on SQL injection and XSS ( concept and controls) . I have gone throught MSFT, Wiki and OWASP articles...but they are a little too high level for a person like me with no s/w and d/b background
All help is appreciated
All help is appreciated
Comments
-
JDMurray
Admin Posts: 13,091 Admin
SQL injection and cross-site scripting attacks are two different things, although they are both code injection attacks that can be combined for a single effect. If the Wikipedia's articles on these subjects is too technical for you then you'll need to start learning how scripting works in HTML and how SQL is used to maintain information stored in relational databases. Otherwise, you'll have to settle for abstract descriptions like, "XSS is used to trick a Web browser into going to a malicious Web server using scripting techniques that exploit vulnerabilities in Web-based applications."
Cross-site scripting - Wikipedia, the free encyclopedia
SQL injection - Wikipedia, the free encyclopedia -
kriscamaro68
Member Posts: 1,186 ■■■■■■■□□□
Try skeptikal.org he writes some good info about those and other things.